On 04/12/2011 02:20 PM, Quanah Gibson-Mount wrote:
--On Tuesday, April 12, 2011 9:57 PM +0200 Judith Flo Gaya jflo@imppc.org wrote:
I changed the ldap.conf file in the client so instead of TLS_CACERTDIR now I'm using TLC_CACERT <file.pem>
MozNSS can't use pem files. It uses a cert database. So your MozNSS linked clients will never work if you point them at a OpenSSL style pem file.
It can and does use PEM files. Everything in http://www.openldap.org/faq/data/cache/185.html also applies to using openldap with Mozilla NSS.
Note that http://www.openldap.org/faq/index.cgi?file=1514 describes how to use openldap with the native MozNSS key/cert database. It works with both PEM files and key/cert dbs.
--Quanah
--
Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration